Static task: static1
Behavioral task: behavioral1
Sample: 910686c478e2bf563cdba95fd9e44b3e631a4d3cef194b80bd7ac60927c35c6d.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 910686c478e2bf563cdba95fd9e44b3e631a4d3cef194b80bd7ac60927c35c6d.exe
Resource: win10v2004-20220812-en
General
Target: 910686c478e2bf563cdba95fd9e44b3e631a4d3cef194b80bd7ac60927c35c6d
Size: 90KB
MD5: f16298e58a0959e6e0330a2b4f699af9
SHA1: f3a852c7b92aa1590bf732834c615d1af396a061
SHA256: 910686c478e2bf563cdba95fd9e44b3e631a4d3cef194b80bd7ac60927c35c6d
SHA512: 8e5242b56eab61eb586fdc10611d98e7b3f76279b403ab38f24c56ab611903cb368e6f290457f1acf8da1012da5990ce0d7b361a6b9940c5de39ef6f778f138f
SSDEEP: 1536:rZvAUDrEgIkt3Xqiglw1WozNUGqBE4m4AJB8BgBhALNzuUjrD/YWrLqHVmKEPXvx:1vbDrmRlYWopOBER4AxB0uUjrD/YoLyi
Malware Config
Signatures
Files
910686c478e2bf563cdba95fd9e44b3e631a4d3cef194b80bd7ac60927c35c6d.exe windows x86
e83cd58aecb416e23de04f5cac5c3d09
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
EnumSystemCodePagesA
BuildCommDCBAndTimeoutsW
DeleteFileA
lstrlen
GetProfileIntW
RaiseException
GetProcessHeap
SetComputerNameW
TlsGetValue
GetPrivateProfileIntA
GetPriorityClass
CancelWaitableTimer
SetMessageWaitingIndicator
ResumeThread
GlobalFree
CreateMailslotA
GetStringTypeExA
CreateMutexA
IsBadCodePtr
GetAtomNameA
SetCalendarInfoW
GetFileAttributesW
OpenFile
HeapCreate
QueueUserAPC
LocalReAlloc
IsBadReadPtr
SetThreadPriority
EraseTape
GetCommProperties
CancelIo
SetCurrentDirectoryA
GlobalHandle
VirtualAlloc
DeviceIoControl
GlobalFindAtomW
WinExec
GetLocaleInfoW
SetConsoleCtrlHandler
GetVersionExA
InitAtomTable
VirtualFree
GetCurrentDirectoryA
CompareStringA
GetProcessShutdownParameters
EnumCalendarInfoExA
FreeEnvironmentStringsA
SetComputerNameA
LocalUnlock
GetFileType
GetProcessPriorityBoost
FindFirstChangeNotificationA
GetThreadContext
FindFirstFileExA
GetComputerNameA
EnumSystemLocalesW
GetFileAttributesA
HeapCompact
LocalCompact
QueryDosDeviceA
SetHandleInformation
IsBadStringPtrW
GetProfileSectionW
WritePrivateProfileStringA
SetTapePosition
HeapDestroy
EnumResourceLanguagesW
EnumResourceTypesA
RemoveDirectoryW
lstrcpyA
ScrollConsoleScreenBufferA
CopyFileExA
SetTimeZoneInformation
IsBadStringPtrA
CloseHandle
SetThreadContext
LoadLibraryExW
GetLogicalDriveStringsA
OpenSemaphoreA
GetTimeFormatA
ReadProcessMemory
FatalAppExitA
SetFileApisToANSI
GetThreadPriorityBoost
GetTempFileNameA
FindNextFileW
SetFileAttributesA
PeekConsoleInputA
FoldStringW
GetModuleFileNameA
lstrcmp
IsBadWritePtr
SetCommBreak
FlushInstructionCache
GenerateConsoleCtrlEvent
GlobalAddAtomA
PeekConsoleInputW
AddAtomA
EnumDateFormatsExA
SetThreadPriorityBoost
SetConsoleScreenBufferSize
GetThreadTimes
GetPrivateProfileStructW
SetCommConfig
GetDateFormatW
LocalHandle
SetHandleCount
FindFirstFileA
GetCurrentDirectoryW
CopyFileW
CreateThread
OpenFileMappingA
SetLocaleInfoW
SetConsoleActiveScreenBuffer
LocalLock
CreateEventW
GetWriteWatch
GetCalendarInfoA
GetDriveTypeA
Heap32Next
GetVersion
GetCurrencyFormatW
GetDefaultCommConfigW
SetDefaultCommConfigW
GetLongPathNameW
DuplicateHandle
VirtualProtect
GetHandleInformation
GetProcessHeaps
GlobalFix
advapi32
AreAllAccessesGranted
CryptDestroyHash
SetSecurityDescriptorGroup
RegSetValueExW
LookupAccountNameA
CryptSignHashW
CryptGenRandom
SetNamedSecurityInfoExA
RegQueryMultipleValuesA
GetCurrentHwProfileA
ObjectCloseAuditAlarmW
IsValidAcl
BackupEventLogW
SetThreadToken
RegRestoreKeyW
SetEntriesInAuditListW
SetPrivateObjectSecurity
AdjustTokenGroups
LookupPrivilegeNameA
EnumServicesStatusW
LookupAccountNameW
OpenSCManagerA
StartServiceCtrlDispatcherA
GetAuditedPermissionsFromAclA
GetSecurityDescriptorSacl
EnumDependentServicesA
EnumServicesStatusA
RegSetValueExA
ConvertSecurityDescriptorToAccessW
CryptExportKey
GetUserNameW
CryptEnumProviderTypesW
CryptAcquireContextA
CryptEncrypt
RegDeleteKeyA
BuildImpersonateExplicitAccessWithNameW
SetEntriesInAccessListA
CreateServiceW
FreeSid
SetEntriesInAclA
RegOpenKeyExA
PrivilegedServiceAuditAlarmA
MakeAbsoluteSD
OpenServiceA
RegQueryValueExW
CancelOverlappedAccess
InitiateSystemShutdownA
BuildTrusteeWithSidA
StartServiceA
GetServiceDisplayNameW
SetNamedSecurityInfoW
GetSidSubAuthority
RegEnumKeyW
GetSecurityInfo
GetTrusteeTypeA
ClearEventLogA
RegReplaceKeyA
BuildSecurityDescriptorW
SetKernelObjectSecurity
GetCurrentHwProfileW
GetUserNameA
RegSaveKeyW
LogonUserA
SetServiceBits
CopySid
SetEntriesInAuditListA
QueryServiceConfigW
GetMultipleTrusteeW
RegLoadKeyA
LookupPrivilegeNameW
QueryServiceStatus
CryptVerifySignatureW
SetServiceObjectSecurity
CryptSetHashParam
RegReplaceKeyW
SetAclInformation
CryptDecrypt
ObjectPrivilegeAuditAlarmW
GetFileSecurityW
ConvertSecurityDescriptorToAccessNamedW
CryptSetProviderW
InitiateSystemShutdownW
GetAccessPermissionsForObjectA
GetAclInformation
OpenSCManagerW
MakeSelfRelativeSD
BuildExplicitAccessWithNameW
GetSecurityDescriptorOwner
DestroyPrivateObjectSecurity
RegNotifyChangeKeyValue
BuildTrusteeWithSidW
CryptAcquireContextW
QueryServiceObjectSecurity
AddAce
AreAnyAccessesGranted
RegOpenKeyExW
LookupAccountSidA
BuildSecurityDescriptorA
CryptGetHashParam
BuildExplicitAccessWithNameA
CryptGenKey
AbortSystemShutdownA
ReadEventLogA
SetFileSecurityW
ConvertSecurityDescriptorToAccessNamedA
GetNumberOfEventLogRecords
CryptSetProviderExA
OpenBackupEventLogA
RegCreateKeyW
StartServiceCtrlDispatcherW
CryptEnumProvidersA
CryptDeriveKey
LookupAccountSidW
SetServiceStatus
RegSaveKeyA
TrusteeAccessToObjectW
LookupPrivilegeValueA
shlwapi
PathIsRootW
StrTrimA
SHOpenRegStream2A
SHRegOpenUSKeyA
StrRChrW
StrFormatByteSizeW
wnsprintfA
SHRegCreateUSKeyW
SHDeleteValueA
SHCreateShellPalette
UrlGetPartA
PathParseIconLocationW
UrlCombineA
PathSetDlgItemPathA
StrCmpNW
PathIsContentTypeA
PathGetDriveNumberA
PathAddExtensionA
PathCombineA
PathFindSuffixArrayW
PathIsLFNFileSpecA
PathUnmakeSystemFolderA
StrTrimW
PathIsDirectoryW
UrlEscapeA
SHRegGetUSValueW
SHSetValueA
StrStrIW
StrChrA
PathUnquoteSpacesA
StrCSpnW
PathIsURLW
StrCatBuffA
PathSetDlgItemPathW
SHDeleteValueW
PathIsUNCServerA
StrStrW
StrCmpW
UrlApplySchemeA
PathCommonPrefixA
PathIsDirectoryA
PathCreateFromUrlA
SHCopyKeyA
StrCmpNIA
PathAppendA
UrlGetPartW
PathBuildRootA
StrPBrkW
UrlUnescapeA
PathRenameExtensionW
StrFormatKBSizeW
AssocQueryKeyW
StrFormatByteSizeA
IntlStrEqWorkerA
SHQueryInfoKeyA
StrCSpnIW
PathRenameExtensionA
SHRegSetUSValueW
PathGetArgsW
SHDeleteEmptyKeyW
UrlUnescapeW
SHRegDeleteUSValueW
PathUndecorateW
SHGetValueW
PathMatchSpecA
SHRegDeleteUSValueA
SHQueryValueExW
StrToIntExW
SHRegQueryUSValueA
PathMakeSystemFolderA
SHDeleteKeyA
StrChrIA
StrCmpNA
PathFindOnPathA
UrlCompareW
StrFromTimeIntervalA
PathRelativePathToW
PathIsRelativeW
SHRegEnumUSKeyA
StrCmpNIW
SHRegWriteUSValueA
SHRegQueryInfoUSKeyA
UrlCombineW
PathIsFileSpecW
PathStripToRootA
PathSearchAndQualifyA
PathIsUNCW
SHRegCreateUSKeyA
GetMenuPosFromID
PathGetDriveNumberW
StrNCatA
UrlIsNoHistoryW
wnsprintfW
PathIsPrefixW
SHRegOpenUSKeyW
PathRemoveFileSpecA
UrlGetLocationW
StrDupA
StrCpyNW
SHRegCloseUSKey
PathRemoveArgsA
StrFormatKBSizeA
PathRemoveArgsW
SHSkipJunction
SHRegEnumUSValueA
PathAddBackslashW
SHEnumValueW
UrlCreateFromPathA
PathIsFileSpecA
UrlIsA
user32
GetActiveWindow
DialogBoxParamW
DdeFreeDataHandle
GetMessageExtraInfo
IsCharAlphaNumericA
InflateRect
GetSystemMenu
ChangeMenuA
DlgDirSelectComboBoxExA
RealChildWindowFromPoint
InSendMessage
OpenClipboard
EnumChildWindows
DrawIcon
ChangeDisplaySettingsExW
InvalidateRgn
SetClassLongA
LoadStringA
DdeKeepStringHandle
GetDoubleClickTime
SwitchToThisWindow
GetClassInfoExW
GetThreadDesktop
SwitchDesktop
IsZoomed
SendMessageCallbackA
DdeCreateDataHandle
GetMonitorInfoW
CharLowerW
GetMenuInfo
GetSysColor
GetWindowTextW
CallWindowProcA
DdePostAdvise
SetDoubleClickTime
BringWindowToTop
CharNextA
GetClipboardOwner
CreateCursor
UnhookWindowsHook
SetPropW
InsertMenuW
SetShellWindow
CharToOemBuffW
GetWindowThreadProcessId
MapVirtualKeyW
GetKBCodePage
GetUserObjectInformationA
SetRect
GetPropA
PaintDesktop
IsCharUpperA
WINNLSGetIMEHotkey
VkKeyScanExW
GetDlgItemInt
GetForegroundWindow
UnregisterHotKey
GetScrollBarInfo
ExcludeUpdateRgn
GetKeyState
SetRectEmpty
MapDialogRect
GetWindowRect
DefWindowProcA
GetClipCursor
GetMenuItemCount
GetClassNameA
GetDialogBaseUnits
LoadMenuW
GetMenuItemID
DragObject
BroadcastSystemMessageA
UpdateWindow
VkKeyScanExA
GetScrollPos
MapVirtualKeyA
CreateAcceleratorTableA
RedrawWindow
ChildWindowFromPoint
SetUserObjectInformationW
CloseClipboard
GetKeyboardType
CharLowerA
GetMessageW
MoveWindow
DrawFrame
CharUpperBuffA
SetThreadDesktop
EditWndProc
DdeConnectList
ShowCaret
GetWindowTextA
ToAsciiEx
SetDeskWallpaper
SetUserObjectInformationA
GetUserObjectSecurity
CharToOemW
WINNLSEnableIME
CreateIconFromResource
LoadCursorW
GetWindowLongA
GetSysColorBrush
PostThreadMessageW
SetMenuItemInfoW
SetWindowTextA
ArrangeIconicWindows
IsWindowVisible
CreateWindowStationW
TranslateAccelerator
AdjustWindowRectEx
SetClipboardData
CloseWindow
SendMessageTimeoutA
FindWindowExW
GetCursorInfo
TrackPopupMenu
FindWindowExA
IsIconic
IsClipboardFormatAvailable
GetMenuItemRect
EmptyClipboard
HiliteMenuItem
LookupIconIdFromDirectory
IsWindowEnabled
GetWindowTextLengthW
DdeNameService
GetWindowContextHelpId
ExitWindowsEx
ole32
StgGetIFillLockBytesOnILockBytes
RegisterDragDrop
CreateGenericComposite
IsAccelerator
CreateDataAdviseHolder
GetConvertStg
CoRegisterMallocSpy
StgIsStorageFile
CreateItemMoniker
CoInitializeSecurity
CoFreeLibrary
StgCreateDocfile
CoGetInstanceFromFile
OleDoAutoConvert
OleIsRunning
CoCreateGuid
WriteClassStg
WriteStringStream
DoDragDrop
CoIsOle1Class
OleIsCurrentClipboard
OleCreateLinkFromDataEx
MonikerCommonPrefixWith
OleUninitialize
CoBuildVersion
GetHookInterface
CoCreateInstanceEx
CoTaskMemAlloc
OleInitialize
OleGetAutoConvert
CoInitializeEx
OleSetContainedObject
CoImpersonateClient
StgOpenAsyncDocfileOnIFillLockBytes
OleFlushClipboard
CoRegisterClassObject
CoAddRefServerProcess
GetDocumentBitStg
OleRegEnumVerbs
CoCreateFreeThreadedMarshaler
CoFileTimeNow
PropVariantCopy
CoGetObject
OleCreateLinkFromData
CoRegisterChannelHook
CoSuspendClassObjects
StgSetTimes
ProgIDFromCLSID
CLSIDFromString
OleQueryLinkFromData
CoDosDateTimeToFileTime
OleSetMenuDescriptor
CreateILockBytesOnHGlobal
EnableHookObject
UpdateDCOMSettings
OleCreateLinkToFile
OleRegGetMiscStatus
CoUnmarshalInterface
CoQueryAuthenticationServices
CoInitialize
OleNoteObjectVisible
ReleaseStgMedium
StringFromCLSID
CoQueryClientBlanket
StgIsStorageILockBytes
UtGetDvtd32Info
StringFromIID
CoGetTreatAsClass
OleSave
StringFromGUID2
StgOpenStorageEx
CreateOleAdviseHolder
OleCreateLink
ReadStringStream
GetRunningObjectTable
OleCreateMenuDescriptor
MonikerRelativePathTo
OleCreateLinkToFileEx
CreateStreamOnHGlobal
ReadFmtUserTypeStg
OleCreateFromDataEx
CoUnmarshalHresult
StgCreateStorageEx
OleCreateLinkEx
CoUninitialize
RevokeDragDrop
UtGetDvtd16Info
CoLoadLibrary
IsEqualGUID
CLSIDFromProgID
CoGetMarshalSizeMax
CoSwitchCallContext
ReadOleStg
CreateAntiMoniker
WriteFmtUserTypeStg
CoReleaseServerProcess
StgOpenStorageOnILockBytes
CoTreatAsClass
OleCreateEx
Sections
.text Size: 58KB - Virtual size: 58KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 14KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ